[El-errata] ELSA-2010-0394 Important: Enterprise Linux 4 kernel security, bug fix, and enhancement update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Thu May 6 08:54:04 PDT 2010 

Enterprise Linux Security Advisory ELSA-2010-0394

https://rhn.redhat.com/errata/RHSA-2010-0394.html

The following updated rpms for Enterprise Linux 4 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.9-89.0.25.0.1.EL.i686.rpm
kernel-devel-2.6.9-89.0.25.0.1.EL.i686.rpm
kernel-doc-2.6.9-89.0.25.0.1.EL.noarch.rpm
kernel-hugemem-2.6.9-89.0.25.0.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.25.0.1.EL.i686.rpm
kernel-smp-2.6.9-89.0.25.0.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.25.0.1.EL.i686.rpm
kernel-xenU-2.6.9-89.0.25.0.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.25.0.1.EL.i686.rpm

x86_64:
kernel-2.6.9-89.0.25.0.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.25.0.1.EL.x86_64.rpm
kernel-doc-2.6.9-89.0.25.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.25.0.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.0.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.25.0.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.25.0.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.25.0.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.25.0.1.EL.x86_64.rpm

ia64:
kernel-2.6.9-89.0.25.0.1.EL.ia64.rpm
kernel-devel-2.6.9-89.0.25.0.1.EL.ia64.rpm
kernel-doc-2.6.9-89.0.25.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.25.0.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.0.1.EL.ia64.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-89.0.25.0.1.EL.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.9-89.0.25.0.1.EL-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.25.0.1.ELhugemem-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.25.0.1.ELsmp-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.25.0.1.ELxenU-2.0.5-1.el4.i686.rpm
ocfs2-2.6.9-89.0.25.0.1.EL-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.25.0.1.ELhugemem-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.25.0.1.ELsmp-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.25.0.1.ELxenU-1.2.9-1.el4.i686.rpm

x86_64:
oracleasm-2.6.9-89.0.25.0.1.EL-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.25.0.1.ELlargesmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.25.0.1.ELsmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.25.0.1.ELxenU-2.0.5-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.25.0.1.EL-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.25.0.1.ELlargesmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.25.0.1.ELsmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.25.0.1.ELxenU-1.2.9-1.el4.x86_64.rpm

ia64:
oracleasm-2.6.9-89.0.25.0.1.EL-2.0.5-1.el4.ia64.rpm
oracleasm-2.6.9-89.0.25.0.1.ELlargesmp-2.0.5-1.el4.ia64.rpm
ocfs2-2.6.9-89.0.25.0.1.EL-1.2.9-1.el4.ia64.rpm
ocfs2-2.6.9-89.0.25.0.1.ELlargesmp-1.2.9-1.el4.ia64.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/oracleasm-2.6.9-89.0.25.0.1.EL-2.0.5-1.el4.src.rpm
http://oss.oracle.com/el4/SRPMS-updates/ocfs2-2.6.9-89.0.25.0.1.EL-1.2.9-1.el4.src.rpm

Description of changes:


[2.6.9-89.0.25.0.1.EL]
- [XEN] fix cpu hotplug crash (Joe Jin) [orabug 7521308]
- [XEN] Bring up vcpus before khelper init (Joe Jin) [orabug 7521308]
- [XEN] flush the tlb cache immediately (Dave McCracken, Scott Shi) 
[orabug 9138767]
- fix skb alignment that was causing sendto() to fail with EFAULT
  (Olaf Kirch) [orabug 6845794]
- fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]
- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)
  [orabug 6125546]
- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]
- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]
- use lfence instead of cpuid instruction to implement memory barriers
  (Herbert van den Bergh) [orabug 7452412]
- add netpoll support to xen netfront (Tina Yang) [orabz 7261]
- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie)
  [orabug 7175395]
- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit
  dom0 [orabug 7452107] xenstore
- [mm] update shrink_zone patch to allow 100% swap utilization (John 
Sobecki,
  Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]
- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki)
  [orabug 6110605]
- [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)
- port EL5U3 patch to adjust totalhigh_pages in the balloon driver
  [orabug 8300888]
- check to see if hypervisor supports memory reservation change (Chuck 
Anderson)
  [orabug7556514]
- [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]
- fix oops in nlmclnt_mark_reclaim (Trond Myklebust) [orabug 8568878]
- [x86_64] Allowed machine_reboot running on boot_cpu (Joe Jin) [orabug 
8425237]
- FP register state is corrupted during the handling a SIGSEGV (Chuck 
Anderson)
  [orabug 7708133]
- [x86_64]: fix x86_64 largesmp kernel reboot hang (Joe Jin) [orabug 
bug9126592]
- [nfs]: fix file attribute caching (Chuck Lever, Herbert van den Bergh)
  [orabug 8449921]
- [mm] revert patch #2042 (John Sobecki) [orabug 8895251]

[2.6.9-89.0.25]
-net: fix an unexpectedly freed skb in tcp (Amerigo Wang) [577715 
577716] {CVE-2010-1188}
-net: fixup problems with vlan tagging and bonding driver option 
arp_validate=3 (Jiri Pirko) [580842 555070]
-virtio_net: fix tx wakeup race condition (Herbert Xu) [580089 574785]
-vfs: turn bad_inode_ops into an inode_operations_ext (Jeff Layton) 
[582908 544381]
-oprofile: Support arch_perfmon in Oprofile (John Villalovos) [582913 
553745]
-oprofile: Fix name collision issue in Oprofile (John Villalovos) 
[582913 553745]
-oprofile: Fixes for the perf counter reservation system in Oprofile 
(John Villalovos) [582913 553745]
-oprofile: Enable use of the perf counter reservation system into the 
oprofile driver (John Villalovos) [582913 553745]
-oprofile: final bits to support oprofile on Nehalem-EP (John 
Villalovos) [582241 509423]
-virt: fix i386 virtio driver crash (Chris Lalancette) [582911 509220]
-xen: fix pv guest crash when host has more than 64g ram (Chris 
Lalancette) [574392 504988]

[2.6.9-89.0.24]
-qla2xxx: update qla driver version from 8.02.09.02.04.08-d to 
8.02.09.01.04.09-d (Rob Evers) [577234 529063]
-diskdump: fix diskdump not working with qla2xxx (Rob Evers) [577234 529063]
-usb: fix information leak via userspace usb interface (Vitaly 
Mayatskikh) [566626 566627] {CVE-2010-1083}
-alsa: snd-hda-intel driver: avoid divide by zero (Jaroslav Kysela) 
[567169 567170] {CVE-2010-1085}
-dvb: fix endless loop when decoding ILE at dvb-core (Mauro Carvalho 
Chehab) [569239 569240] {CVE-2010-1086}
-ia64: ptrace: peek_or_poke requests can miss put_task_struct() (Oleg 
Nesterov) [572008 567321] {CVE-2010-0729}
-ia64: ptrace: peek_or_poke requests miss ptrace_check_attach() (Oleg 
Nesterov) [572008 567321] {CVE-2010-0729}
-tg3: refrain from touching MPS in tg3 (John Feeney) [567205 554525]
-netfilter: add connlimit match module support (Jiri Pirko) [563223 522000]
-netfilter: enable CONFIG_IP_NF_MATCH_CONNLIMIT=m (Jiri Pirko) [563223 
522000]

More information about the El-errata mailing list